Compare commits
3 commits
3908e7b52c
...
f5d4d16c03
| Author | SHA1 | Date | |
|---|---|---|---|
f5d4d16c03
|
|||
|
d9f0ada04f
|
|||
|
183b98a728
|
5 changed files with 105 additions and 90 deletions
|
|
@ -15,7 +15,7 @@
|
|||
"sntrup761x25519-sha512@openssh.com"
|
||||
];
|
||||
PasswordAuthentication = false;
|
||||
PermitRootLogin = "no";
|
||||
PermitRootLogin = "prohibit-password";
|
||||
StreamLocalBindUnlink = "yes";
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -1,6 +1,11 @@
|
|||
{config, ...}: {
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
services.atuin = {
|
||||
enable = true;
|
||||
package = pkgs.unstable.atuin;
|
||||
openRegistration = false;
|
||||
maxHistoryLength = 1024 * 16;
|
||||
port = 43473;
|
||||
|
|
|
|||
|
|
@ -4,8 +4,6 @@
|
|||
pkgs,
|
||||
...
|
||||
}: let
|
||||
keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILm0O46zW/XfVOSwz0okRWYeOAg+wCVkCtCAoVTpZsOh"];
|
||||
|
||||
nu_scripts = "${pkgs.nu_scripts}/share/nu_scripts";
|
||||
mkCompletions = completions:
|
||||
lib.concatStringsSep "\n" (
|
||||
|
|
@ -17,14 +15,18 @@
|
|||
in {
|
||||
i18n.defaultLocale = "en_US.UTF-8";
|
||||
|
||||
users.mutableUsers = false;
|
||||
users.users.root.hashedPasswordFile = config.age.secrets."system/password-root".path;
|
||||
|
||||
users.users.winston = {
|
||||
extraGroups = ["wheel"];
|
||||
hashedPasswordFile = config.age.secrets."system/password-winston".path;
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = keys;
|
||||
users = {
|
||||
mutableUsers = false;
|
||||
users.root = {
|
||||
hashedPasswordFile = config.age.secrets."system/password-root".path;
|
||||
openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ/mwLoiuaQ6KH+1IOvYO541gq37S43pYtMetilMG3v5"] ++ config.users.users.winston.openssh.authorizedKeys.keys;
|
||||
};
|
||||
users.winston = {
|
||||
extraGroups = ["wheel"];
|
||||
hashedPasswordFile = config.age.secrets."system/password-winston".path;
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILm0O46zW/XfVOSwz0okRWYeOAg+wCVkCtCAoVTpZsOh"];
|
||||
};
|
||||
};
|
||||
|
||||
home-manager = {
|
||||
|
|
|
|||
92
flake.lock
92
flake.lock
|
|
@ -73,6 +73,30 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"deploy-rs": {
|
||||
"inputs": {
|
||||
"flake-compat": [],
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"utils": [
|
||||
"flake-utils"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1718194053,
|
||||
"narHash": "sha256-FaGrf7qwZ99ehPJCAwgvNY5sLCqQ3GDiE/6uLhxxwSY=",
|
||||
"owner": "serokell",
|
||||
"repo": "deploy-rs",
|
||||
"rev": "3867348fa92bc892eba5d9ddb2d7a97b9e127a8a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "serokell",
|
||||
"repo": "deploy-rs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-parts": {
|
||||
"inputs": {
|
||||
"nixpkgs-lib": [
|
||||
|
|
@ -174,26 +198,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixinate": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1708891350,
|
||||
"narHash": "sha256-VOQrKK7Df/IVuNki+NshVuGkTa/Tw0GigPjWcZff6kk=",
|
||||
"owner": "matthewcroughan",
|
||||
"repo": "nixinate",
|
||||
"rev": "452f33c60df5b72ad0858f5f2cf224bdf1f17746",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "matthewcroughan",
|
||||
"repo": "nixinate",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1725001927,
|
||||
|
|
@ -255,14 +259,15 @@
|
|||
"inputs": {
|
||||
"agenix": "agenix",
|
||||
"attic": "attic",
|
||||
"deploy-rs": "deploy-rs",
|
||||
"flake-parts": "flake-parts_2",
|
||||
"flake-utils": "flake-utils",
|
||||
"home-manager": "home-manager",
|
||||
"nixinate": "nixinate",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"nixpkgs-unstable": "nixpkgs-unstable",
|
||||
"pre-commit-hooks": "pre-commit-hooks",
|
||||
"satisfactory-server": "satisfactory-server",
|
||||
"steam-fetcher": "steam-fetcher",
|
||||
"valheim-server": "valheim-server"
|
||||
}
|
||||
},
|
||||
|
|
@ -271,44 +276,27 @@
|
|||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"steam-fetcher": "steam-fetcher"
|
||||
"steam-fetcher": [
|
||||
"steam-fetcher"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1726069190,
|
||||
"narHash": "sha256-UYnjgHSIjxdbRBxpVwvQ5IX5TVfRmgVZsGvwvRHeuPc=",
|
||||
"path": "/home/winston/satisfactory-flake",
|
||||
"type": "path"
|
||||
"lastModified": 1726272490,
|
||||
"narHash": "sha256-gpbldF84vR73LevX+PuYFRDXuoQBiR8mRDtuSfqvAU4=",
|
||||
"owner": "nekowinston",
|
||||
"repo": "satisfactory-server-flake",
|
||||
"rev": "1b2cb3e067fad90576926df4f3d94ccc206e3225",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"path": "/home/winston/satisfactory-flake",
|
||||
"type": "path"
|
||||
"owner": "nekowinston",
|
||||
"repo": "satisfactory-server-flake",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"steam-fetcher": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"satisfactory-server",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1714795926,
|
||||
"narHash": "sha256-PkgC9jqoN6cJ8XYzTA2PlrWs7aPJkM3BGiTxNqax0cA=",
|
||||
"owner": "nix-community",
|
||||
"repo": "steam-fetcher",
|
||||
"rev": "12f66eafb7862d91b3e30c14035f96a21941bd9c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "steam-fetcher",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"steam-fetcher_2": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"valheim-server",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
|
|
@ -361,7 +349,9 @@
|
|||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"steam-fetcher": "steam-fetcher_2"
|
||||
"steam-fetcher": [
|
||||
"steam-fetcher"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1724824251,
|
||||
|
|
|
|||
72
flake.nix
72
flake.nix
|
|
@ -1,24 +1,24 @@
|
|||
{
|
||||
outputs = {
|
||||
flake-parts,
|
||||
nixpkgs,
|
||||
nixpkgs-unstable,
|
||||
self,
|
||||
...
|
||||
} @ inputs: let
|
||||
overlays = [
|
||||
(final: _: rec {
|
||||
atuin = unstable.atuin;
|
||||
(final: _: {
|
||||
unstable = nixpkgs-unstable.legacyPackages.${final.system};
|
||||
prometheus-fail2ban-exporter = final.callPackage ./pkgs/prometheus-fail2ban-exporter {};
|
||||
unstable = inputs.nixpkgs-unstable.legacyPackages.${final.system};
|
||||
})
|
||||
];
|
||||
in
|
||||
flake-parts.lib.mkFlake {inherit inputs;} {
|
||||
flake = {
|
||||
nixosConfigurations.main-node = inputs.nixpkgs.lib.nixosSystem {
|
||||
nixosConfigurations.main-node = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
{
|
||||
_module.args.nixinate.host = "main-node";
|
||||
nixpkgs = {
|
||||
config.allowUnfree = true;
|
||||
inherit overlays;
|
||||
|
|
@ -30,11 +30,21 @@
|
|||
inputs.agenix.nixosModules.default
|
||||
inputs.attic.nixosModules.atticd
|
||||
inputs.home-manager.nixosModules.home-manager
|
||||
inputs.valheim-server.nixosModules.default
|
||||
inputs.satisfactory-server.nixosModules.default
|
||||
inputs.valheim-server.nixosModules.default
|
||||
];
|
||||
specialArgs = {inherit inputs;};
|
||||
};
|
||||
|
||||
checks = builtins.mapAttrs (_: deployLib: deployLib.deployChecks self.deploy) inputs.deploy-rs.lib;
|
||||
|
||||
deploy.nodes.main-node = {
|
||||
hostname = "winston.sh";
|
||||
profiles.system = {
|
||||
sshUser = "root";
|
||||
path = inputs.deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.main-node;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
perSystem = {
|
||||
|
|
@ -45,11 +55,23 @@
|
|||
system,
|
||||
...
|
||||
}: {
|
||||
_module.args.pkgs = import inputs.nixpkgs {
|
||||
_module.args.pkgs = import nixpkgs {
|
||||
inherit overlays system;
|
||||
};
|
||||
|
||||
apps = (inputs.nixinate.nixinate.${system} self).nixinate;
|
||||
devShells.default = pkgs.mkShell {
|
||||
inherit (config.pre-commit.devShell) shellHook;
|
||||
buildInputs = [
|
||||
inputs'.agenix.packages.agenix
|
||||
pkgs.age-plugin-yubikey
|
||||
pkgs.unstable.deploy-rs
|
||||
pkgs.unstable.nh
|
||||
pkgs.unstable.nixd
|
||||
self'.formatter
|
||||
];
|
||||
};
|
||||
|
||||
formatter = pkgs.alejandra;
|
||||
|
||||
pre-commit = {
|
||||
check.enable = true;
|
||||
|
|
@ -63,19 +85,6 @@
|
|||
shellcheck.enable = true;
|
||||
};
|
||||
};
|
||||
|
||||
devShells.default = pkgs.mkShell {
|
||||
inherit (config.pre-commit.devShell) shellHook;
|
||||
buildInputs = [
|
||||
inputs'.agenix.packages.agenix
|
||||
pkgs.age-plugin-yubikey
|
||||
pkgs.unstable.nh
|
||||
pkgs.unstable.nil
|
||||
self'.formatter
|
||||
];
|
||||
};
|
||||
|
||||
formatter = pkgs.alejandra;
|
||||
};
|
||||
|
||||
imports = [inputs.pre-commit-hooks.flakeModule];
|
||||
|
|
@ -109,9 +118,11 @@
|
|||
inputs.flake-compat.follows = "";
|
||||
inputs.flake-utils.follows = "flake-utils";
|
||||
};
|
||||
nixinate = {
|
||||
url = "github:matthewcroughan/nixinate";
|
||||
deploy-rs = {
|
||||
url = "github:serokell/deploy-rs";
|
||||
inputs.flake-compat.follows = "";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
inputs.utils.follows = "flake-utils";
|
||||
};
|
||||
pre-commit-hooks = {
|
||||
url = "github:cachix/pre-commit-hooks.nix";
|
||||
|
|
@ -119,14 +130,21 @@
|
|||
inputs.nixpkgs.follows = "nixpkgs-unstable";
|
||||
inputs.nixpkgs-stable.follows = "nixpkgs";
|
||||
};
|
||||
valheim-server = {
|
||||
url = "github:aidalgol/valheim-server-flake";
|
||||
|
||||
# game servers
|
||||
steam-fetcher = {
|
||||
url = "github:nix-community/steam-fetcher";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
satisfactory-server = {
|
||||
# url = "github:nekowinston/satisfactory-server-flake";
|
||||
url = "path:/home/winston/satisfactory-flake";
|
||||
url = "github:nekowinston/satisfactory-server-flake";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
inputs.steam-fetcher.follows = "steam-fetcher";
|
||||
};
|
||||
valheim-server = {
|
||||
url = "github:aidalgol/valheim-server-flake";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
inputs.steam-fetcher.follows = "steam-fetcher";
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue